NotExperts
asked on
Creating domain trusts to access remote shares
Hi Guys,
I've got 2 domains in 2 seperate companies on 2003 and 2008 and have been tasked with creating a trust between them so that the local admins can change permissions on the shares on these domains to allow users from the other domains to access them without having to input their credentials each time. There will be a static VPN between the 2 networks.
I have never set these up before so any basic guides or things to look out for when doing this ? (i.e limitations, patching needed etc)
Thanks
I've got 2 domains in 2 seperate companies on 2003 and 2008 and have been tasked with creating a trust between them so that the local admins can change permissions on the shares on these domains to allow users from the other domains to access them without having to input their credentials each time. There will be a static VPN between the 2 networks.
I have never set these up before so any basic guides or things to look out for when doing this ? (i.e limitations, patching needed etc)
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks,
Do i need to setup a stub zone for each domain in the other domains ?
i.e i have 3 domains to setup trusts for so do i need a DNS stub zone for DomainA in DomainB and DomainC and a stub zone for DomainB in DomainA and DomainC etc ?
Ian
Do i need to setup a stub zone for each domain in the other domains ?
i.e i have 3 domains to setup trusts for so do i need a DNS stub zone for DomainA in DomainB and DomainC and a stub zone for DomainB in DomainA and DomainC etc ?
Ian
You can add stub zones, I prefer using conditional forwarders;
http://support.microsoft.com/kb/323380
Even a hosts file entry would work.
http://support.microsoft.com/kb/323380
Even a hosts file entry would work.
I was in the same boat with three domains.
As long as your VPN is setup OK with free, unhindered traffic across the tunnel AND your DNS is set up to resolve correctly you will be good to go. ( Again, i think i would use conditional forwarders rather than stub-zones.)
It is surprisingly easy, our difficulty was to have two exchange servers share the same domain name.
As long as your VPN is setup OK with free, unhindered traffic across the tunnel AND your DNS is set up to resolve correctly you will be good to go. ( Again, i think i would use conditional forwarders rather than stub-zones.)
It is surprisingly easy, our difficulty was to have two exchange servers share the same domain name.
ASKER
That's worked fine. Many Thanks
http://microsoftguru.com.au/2010/08/24/how-to-configure-site-to-site-vpn-using-forefront-tmg-2010/
Hope this helps